Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "how to configure Proftpd server on Fedora 22". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

In this article, we will learn how to use Proftpd to set up a FTP server on a computer or server running Fedora 22. ProFTPD is a free and open source FTP server software based on GPL license, which is the mainstream FTP server on Linux. Its main design goal is to provide many advanced features and to provide users with a wide range of configuration options for easy customization. It has many configuration options that are still not available in some other FTP server software. It was originally developed as a more secure and easy-to-configure alternative to wu-ftpd servers.

The FTP server is software that allows users to upload or download files and directories from the remote server where it is installed through the FTP client. Here are some of the main features of the ProFTPD server. More details can be found at http://www.proftpd.org/features.html.

Each directory can contain ".ftpaccess" files for access control, similar to Apache's ".htaccess".

Support multiple virtual FTP servers as well as multi-user login and anonymous FTP services.

You can start the service as a stand-alone process or through inetd/xinetd

Its file / directory attributes, ownership, and permissions are based on UNIX.

It can run independently to protect the system from possible damage caused by root access.

The modular design makes it easy to extend other modules, such as LDAP server, SSL/TLS encryption, RADIUS support, and so on.

The ProFTPD server also supports IPv6.

Here are some simple steps to set up a FTP server using ProFTPD on a computer running the Fedora 22 operating system.

1. Install ProFTPD

First, we will install the Proftpd software on the machine running Fedora 22. Because the yum package manager has been abandoned, we will use the latest and best package manager, dnf. DNF is easy to use and is a very user-friendly package manager on Fedora 22. We will use it to install proftpd software. This requires running the following command in sudo mode from the terminal or console.

$sudo dnf-y install proftpd proftpd-utils2. Configure ProFTPD

Now, we will modify some configuration of the software. To configure it, we need to edit the / etc/proftpd.conf file with a text editor. The / etc/proftpd.conf file is the main configuration file for the ProFTPD software, so any changes to this file will affect the FTP server. Here are the changes we made in the initial steps.

$sudo vi / etc/proftpd.conf

After that, after opening the file with a text editor, we will want to change ServerName and ServerAdmin to fill in our domain name and email address, respectively. We changed it next.

ServerName "ftp.linoxide.com" ServerAdmin arun@linoxide.com

After that, we will add the following settings to the configuration file so that the server can log access and authorization to the appropriate log file.

ExtendedLog / var/log/proftpd/access.log WRITE,READ defaultExtendedLog / var/log/proftpd/auth.log AUTH auth

Adjust ProFTPD settin

3. Add FTP user

After setting up the basic configuration file, we naturally want to add a FTP user with a specific directory as the root directory. Currently logged-in users can automatically use the FTP service, which can be used to log in to the FTP server. However, in this tutorial, we will create a new user with the specified directory on the ftp server as the main directory.

Next, we will create a new user group named ftpgroup.

$sudo groupadd ftpgroup

Then, we will add a new user arunftp with the directory / ftp-dir/ as the home directory and join the group.

$sudo useradd-G ftpgroup arunftp-s / sbin/nologin-d / ftp-dir/

After creating the user and joining the user group, we will set a password for the user arunftp.

$sudo passwd arunftp Changing password for user arunftp.New password:Retype new password:passwd: all authentication tokens updated successfully.

Now, we will set read and write permissions for the home directory for this ftp user with the following command. (LCTT note: this is a SELinux-related setting. If SELinux is not enabled, you can not use it.)

$sudo setsebool-P allow_ftpd_full_access=1$ sudo setsebool-P ftp_home_dir=1

Then, we will set that other users are not allowed to move or rename this directory and its contents.

$sudo chmod-R 1777 / ftp-dir/4. Turn on TLS support

At present, the encryption method used by FTP is not secure, and anyone can read the data transmitted by FTP by monitoring the network card. Therefore, we will turn on TLS encryption support for our servers. In that case, you need to edit the / etc/proftpd.conf configuration file. Before that, let's back up the current configuration file to ensure that it can be restored after the problem is fixed.

$sudo cp / etc/proftpd.conf / etc/proftpd.conf.bak

We can then modify the configuration file with our favorite text editor.

$sudo vi / etc/proftpd.conf

Then, append the following lines to what we added in step 2.

TLSEngine onTLSRequired onTLSProtocol SSLv23TLSLog / var/log/proftpd/tls.logTLSRSACertificateFile / etc/pki/tls/certs/proftpd.pemTLSRSACertificateKeyFile / etc/pki/tls/certs/proftpd.pem

Open TLS configuration

After completing the above settings, save and exit.

Then, we need to generate the SSL credential proftpd.pem and put it in the / etc/pki/tls/certs/ directory. In that case, you first need to install openssl on Fedora 22.

$sudo dnf install openssl

You can then generate SSL credentials by executing the following command.

$sudo openssl req-x509-nodes-newkey rsa:2048-keyout / etc/pki/tls/certs/proftpd.pem-out / etc/pki/tls/certs/proftpd.pem

The system will ask for some basic information that will be written into the credential. After filling in the data, a 2048-bit RSA private key is generated.

Generating a 2048 bit RSA private key.+++.+++writing new private key to'/ etc/pki/tls/certs/proftpd.pem'-You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name ora DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter'. The field will be left blank.-Country Name (2 letter code) [XX]: NPState or Province Name (full name) []: NarayaniLocality Name (eg, city) [Default City]: BharatpurOrganization Name (eg, company) [Default Company Ltd]: LinoxideOrganizational Unit Name (eg, section) []: Linux FreedomCommon Name (eg, your name or your server's hostname) []: ftp.linoxide.comEmail Address []: arun@linoxide.com

After that, we will change the permissions of the generated credential file to increase security.

$sudo chmod 600 / etc/pki/tls/certs/proftpd.pem5. Allow FTP to pass through Firewall

Now, you need to allow the ftp port, which is generally blocked by the firewall by default. That is, the ftp port needs to be allowed to be accessed through the firewall.

If TLS/SSL encryption is turned on, execute the following command.

$sudo firewall-cmd-- add-port=1024-65534 TCP $sudo firewall-cmd-- add-port=1024-65534/tcp-- permanent

If TLS/SSL encryption is not turned on, execute the following command.

$sudo firewall-cmd-permanent-zone=public-add-service=ftp success

Then, reload the firewall settings.

$sudo firewall-cmd-reload success6. Start and activate ProFTPD

After all is set up, the last step is to start ProFTPD and give it a try. You can run the following command to start the proftpd ftp daemon.

$sudo systemctl start proftpd.service

Then, we can set the boot up.

$sudo systemctl enable proftpd.service Created symlink from / etc/systemd/system/multi-user.target.wants/proftpd.service to / usr/lib/systemd/system/proftpd.service.7. Log in to the FTP server

Now, if it is all set up according to this tutorial, we can certainly connect to the ftp server and log in with the information set above. Here, we will configure the FTP client filezilla, using the server's IP or name * as the hostname, protocol selection * FTP, and the user name entered in arunftp. The password is the password set in step 3 above. If you turn on TLS support as shown in step 4, you also need to select the explicit TLS-based FTP in the encryption type, and if it is not turned on and you do not want to use TLS encryption, choose simple FTP for the encryption type.

FTP login details

To make the above settings, you need to open the file in the menu, click site Manager, then click New site, and then set it as above.

FTP SSL credential

Then the system will ask to allow SSL credentials, click OK. After that, you can upload and download files and folders from our FTP server.

Summary

Finally, we successfully installed and configured the Proftpd FTP server on the Fedora 22 machine. Proftpd is a super powerful FTP daemon that can be highly customized and extended. The above tutorial shows how to configure a secure FTP server with TLS encryption. It is strongly recommended that you set up the FTP server to support TLS encryption because it allows encrypted data transfers and logins using SSL credentials. In this article, we also do not configure anonymous access for FTP, because this is not recommended on general protected FTP systems. FTP access makes it easier and more efficient for people to upload and download. We can also change the user port to increase security.

That's all for "how to configure a Proftpd server on Fedora 22". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.